Medicaid Monitor
Policy Intelligence
Medicaid Monitor
Policy Intelligence
© 2026 Lanphier Ventures, LLC
Informational use only. Not legal or compliance advice.
← All stories
Federal Policy·May 27, 2026

GAO: VA Improved Cybersecurity for Million Veteran Program After 2025 Recommendations

The Government Accountability Office found that VA has implemented 9 of 13 cybersecurity recommendations made in September 2025 to protect veterans' health information in the Million Veteran Program system. While VA's business associate agreements with external entities fully comply with HIPAA Privacy Rule requirements, GAO identified deficiencies in asset management, configuration management, and access controls that reduced assurance of data confidentiality. The improvements are significant given that MVP contains sensitive health data for approximately 1 million veterans in the nation's largest veteran biorepository. GAO continues monitoring VA's progress on the remaining four recommendations.

Managed Care

Read the full article at gao.gov

Share this briefing

You might also like

← All stories

Get the daily briefing.